8 matches found
CVE-2025-65075
WaveView client allows users to execute restricted set of predefined commands and scripts on the connected WaveStore Server. A malicious attacker with high-privileges is able to read or delete files, with the permissions of dvr user, on the server using path traversal in the alog script. This iss...
CVE-2025-65075
WaveView client allows users to execute restricted set of predefined commands and scripts on the connected WaveStore Server. A malicious attacker with high-privileges is able to read or delete files, with the permissions of dvr user, on the server using path traversal in the alog script. This iss...
CVE-2025-65075
WaveView client allows users to execute restricted set of predefined commands and scripts on the connected WaveStore Server. A malicious attacker with high-privileges is able to read or delete files, with the permissions of dvr user, on the server using path traversal in the alog script. This iss...
CVE-2025-65075 Arbitrary File Read and Delete via Path Traversal in WaveStore Server
WaveView client allows users to execute restricted set of predefined commands and scripts on the connected WaveStore Server. A malicious attacker with high-privileges is able to read or delete files, with the permissions of dvr user, on the server using path traversal in the alog script. This iss...
CVE-2025-65075 Arbitrary File Read and Delete via Path Traversal in WaveStore Server
WaveView client allows users to execute restricted set of predefined commands and scripts on the connected WaveStore Server. A malicious attacker with high-privileges is able to read or delete files, with the permissions of dvr user, on the server using path traversal in the alog script. This iss...
CVE-2025-65075
Summary: CVE-2025-65075/65074/65076 pertains to the WaveView client exposing path-traversal vulnerabilities in WaveStore Server commands/scripts. Public reports describe arbitrary file read/delete via path traversal in specific server-side scripts (alog, showerr, ilog) executed with high/root pri...
Wave Terminal 路径遍历漏洞
Wave Terminal is an enterprise collaboration system from the Wave Terminal open source. A path traversal vulnerability exists in Wave Terminal, which stems from a path traversal in the alog script that could result in reading or deleting files...
PT-2025-51559
WaveView client allows users to execute restricted set of predefined commands and scripts on the connected WaveStore Server. A malicious attacker with high-privileges is able to read or delete files, with the permissions of dvr user, on the server using path traversal in the alog script. This iss...